How to protect your virtual machines from malware, without hurting performance

Virtual-machinesVirtual machines — whether running on VMware ESXi, Citrix Xen, or Microsoft Hyper-V — create an interesting security challenge. On one hand, they’re every bit as susceptible to malware and other threats as conventional systems. On the other hand, traditional antivirus software doesn’t always play nicely with dynamic, highly consolidated virtual environments.

In particular, the overhead of running multiple concurrent antivirus scanners on a single host can affect performance and scalability. Meanwhile, the constant starting, stopping, and cloning of virtual machines can leave systems unprotected.

A new Sophos whitepaper explores these challenges and presents two effective approaches to securing your virtual machines without sacrificing performance: agentless antivirus and virtualization-optimized endpoint security.

Simultaneous scheduled or on-demand scans can lead to a “scan storm,” increasing resource use and decreasing system performance.

Simultaneous scheduled or on-demand scans can lead to a “scan storm,” increasing resource use and decreasing system performance.

“Scan storms occur when a host’s resources are overwhelmed by many virtual machines (VM) running antivirus scans at the same time. Because each VM is engaged in nearly identical behavior requiring multiple input/output (I/O) operations and substantial CPU processing, data throughput and system response time can slow noticeably. Even an otherwise speedy SAN or local storage array can be affected by the sheer volume of simultaneous read requests.”

The paper also covers how to choose the best approach and the right Sophos product (Sophos Antivirus for vShield, Sophos Server Protection, or Sophos Endpoint Antivirus) for your needs.

Download Two Great Ways to Protect Your Virtual Machines From Malware to learn more about how to deliver performance and security in your virtual data center (registration required).